The problem with preventing such scams is that social engineering is very lo-tech in nature, requiring little in the way of technical resources and investment. Scammers are relying on the victims naivety, to grant them access to their computer and credit card details, so there’s very little a security company can do to prevent them,
Archives - August 2010
Urban Schrott, IT Security & Cybercrime Analyst, ESET Ireland, contributed an article to ESET's July ThreatSense report about support scams. Since this is an issue that is still being under-reported, we thought it was worth reproducing, with the urbane Mr. Schrott's permission, on the blog. While we're on that topic, there's a video worth watching
Every layer of protection you add will harden the target against cybercrime. SmartScreen technology found in Internet Explorer 8 has recently clocked over 1 billion blocked potential malware downloads from malicious sites. By way of Terry Zink’s blog: 1 billion malware blocks is an amazing milestone and an example of two things. First socially engineered
I just blogged about a potential new Facebook worm. It may turn out that it is not a worm, but another type of attack that involves multiple levels of criminal organizations, which to some degree are being aided by the privacy laws in the Holland. To begin with there are stolen credential attacks. The two
There may be a new worm on Facebook today. Unfortunately I don’t yet have enough data to be conclusive. A friend received an IM from a friend on Facebook that said “Hey i just made myself a cartoon omg lol ill show you but you gotta do urs too” The IM also included a link
There have been recent articles with fantastic titles such as “New threat: Hackers look to take over power plants” and “Hackers Target Power Plants and Physical Systems” in the wake of the Stuxnet worm that targeted certain industrial control systems (ICS). The reality is that hackers targeting ICS is nothing new. I am not clear
The survey asked just two questions: 1.Does your organization have a formal/written social media acceptable use policy? 2.What level of access does your organization allow to each of the follwoing social media sites: Twitter, Facebook, YouTube, LinkedIn, Blogs, and Other?
Gizmodo ran a story about who is downloading the files with the information about 100 million facebook users. http://gizmodo.com/5599970/major-corporations-are-downloading-those-100-million-facebook-profiles-off-bittorrent It turns out that lots of people are. The story says companies, such as Motorola, IBM, Apple, and Disney, among others, are downloading the data. Organizations such as the United Nations made the list as well.
Hitler is alive in South America. Jim Morrison is alive and living in seclusion on a mountain somewhere. Conspiracy theories never die and tend to live forever in the minds of the irrational. I recently received the following question: “Some people say that the AV company itself (ESET, Kaspersky, Symantec ..) also writes viruses! How
While we talk about the periodic leakages of personal information from Facebook and how that information is leveraged by cybercriminals, the community of Facebook users can change their ways. Let’s pair up victims with criminals based on what’s broadcast by the victim. Here are Facebook’s seven deadly sins matched up with the most likely categories
A recent article on TheStreet talk Wal-Mart putting RFID tags in its merchandise. The article questions whether or not this is an invasion of privacy, and some privacy advocates are up in arms about this. According to Wal-Mart the RFID tags can be removed from purchased items. The RFID tags are not personalized to the
You might recall back in November of 2009 ESET released the findings of a survey about cybercrime http://www.eset.com/threat-center/blog/2009/11/16/once-upon-a-cybercrime%E2%80%A6. We went back to Competitive Edge Research & Communication and commissioned them to conduct a new survey to determine prevalence of social networking as well as to identify online security and privacy concerns of Americans. In addition
As expected, Microsoft has released a critical out-of-band patch for the LNK shortcut file vulnerability which received attention last month. As a critical patch, this update will be delivered through Windows’ Automatic Update service, as well as being directly available for download from Microsoft’s site without a Windows Genuine Advantage check. A reboot is required for the
UK journalist Kevin Townsend has blogged today on what sounds like two support scam phone-calls of a type I've mentioned here a few times since a colleague at another company drew my attention to it last month.